Language Selection

English French German Italian Portuguese Spanish

today's leftover links

Filed under
News




More in Tux Machines

Security Leftovers

  • Thousands of FedEx customers' private info exposed in legacy server data breach

    Uncovered by Kromtech Security Center, the parent company of MacKeeper Security, the breach exposed data such as passport information, driver's licenses and other high profile security IDs, all of which were hosted on a password-less Amazon S3 storage server.

  • Correlated Cryptojacking

    they include The City University of New York (cuny.edu), Uncle Sam's court information portal (uscourts.gov), Lund University (lu.se), the UK's Student Loans Company (slc.co.uk), privacy watchdog The Information Commissioner's Office (ico.org.uk) and the Financial Ombudsman Service (financial-ombudsman.org.uk), plus a shedload of other .gov.uk and .gov.au sites, UK NHS services, and other organizations across the globe.

    Manchester.gov.uk, NHSinform.scot, agriculture.gov.ie, Croydon.gov.uk, ouh.nhs.uk, legislation.qld.gov.au, the list goes on.

  • Facebook using 2FA cell numbers for spam, replies get posted to the platform

    Replies ending up as comments appears to be a bizarre bug, but the spamming seems intentional.

  • Swedish Police website hacked [sic] to mine cryptocurrency

    Remember now, it is a Police Force that allowed their website to be hijacked by this simple attack vector. The authority assigned to serve and protect. More specifically, the authority that argues that wiretapping is totally safe because the Police is competent in IT security matters, so there’s no risk whatsoever your data will leak or be mishandled.

    This is one of the websites that were trivially hacked [sic].

    It gives pause for thought.

    It also tells you what you already knew: authorities can’t even keep their own dirtiest laundry under wraps, so the notion that they’re capable or even willing to protect your sensitive data is hogwash of the highest order.

  • New EU Privacy Law May Weaken Security

    In a bid to help domain registrars comply with the GDPR regulations, ICANN has floated several proposals, all of which would redact some of the registrant data from WHOIS records. Its mildest proposal would remove the registrant’s name, email, and phone number, while allowing self-certified 3rd parties to request access to said data at the approval of a higher authority — such as the registrar used to register the domain name.

    The most restrictive proposal would remove all registrant data from public WHOIS records, and would require legal due process (such as a subpoena or court order) to reveal any information supplied by the domain registrant.

  • Intel hit with 32 lawsuits over security flaws

    Intel Corp said on Friday shareholders and customers had filed 32 class action lawsuits against the company in connection with recently-disclosed security flaws in its microchips.

  • The Risks of "Responsible Encryption"

    Federal law enforcement officials in the United States have recently renewed their periodic demands for legislation to regulate encryption. While they offer few technical specifics, their general proposal—that vendors must retain the ability to decrypt for law enforcement the devices they manufacture or communications their services transmit—presents intractable problems that would-be regulators must not ignore.

  • Reviewing SSH Mastery 2nd Ed

    It’s finally out ! Michael W Lucas is one of the best authors of technical books out there. I was curious about this new edition. It is not a reference book, but covers the practical aspects of SSH that I wish everybody knew. Rather than aggregating different articles/blogs on SSH, this book covers 90% of the common use cases for SSH that you will ever encounter.

Android Leftovers

Amazon Linux 2 - Who nicked my cheese?

So far, it's a relatively benign, easy introduction to a new operating system that blends the familiar and new in a timid package. Perhaps that's the goal, because a radical offering would right away scare everyone. Amazon Linux 2 is an appealing concept, as it gives users what Red Hat never quite did (yet) - A Fedora-like bleeding-edge tech with the stability and long-term support of the mainstay enterprise offering. But then, it also pulls a Debian/Ubuntu stunt by breaking ABI, so it will be cubicle to those who enjoying living la vida loco (in their cubicle or open-space prison). Having lived and breathed the large-scale HPC world for many years, I am quite piqued to see how this will evolve. Performance, stability and ease of use will be my primary concerns. Then, is it possible to hook up a remote virtual machine into the EC2 hive? That's another experiment, and I'd like to see if scaling and deployment works well over distributed networks. Either way, even if nothing comes out of it, Amazon Linux 2 is a nice start to a possibly great adventure. Or yet another offspring in the fragmented family we call Linux. Time will tell. Off you go. Cloud away. Read more

Updates From OpenIndiana and LibreOffice (Projects That Oracle Discarded)

  • Migration to GCC 6.4 as userland compiler
    Modulo some minor details, the transition of our userland to GCC 6 is complete.
  • OpenIndiana Has Upgraded To The GCC 6 Compiler
    The OpenSolaris/Illumos-based OpenIndiana operating system has finally moved past GCC 4.9 as its base user-land compiler and is now using GCC 6.4. This comes while GCC 8.1 should be officially released in the next few weeks and they are already targeting GCC 7.3.0 as their next illumos-gate compiler.
  • LibreOffice 6.0 Open-Source Office Suite Passes 1 Million Downloads Mark
    The Document Foundation announced recently that its LibreOffice 6.0 open-source and cross-platform office suite reached almost 1 million downloads since its release last month on January 31, 2018. That's terrific news for the Open Source and Free Software community and a major milestone for the acclaimed LibreOffice office suite, which tries to be a free alternative to proprietary solutions like Microsoft Office. The 1 million downloads mark was reached just two weeks after the release of LibreOffice 6.0, which is the biggest update ever of the open-source office suite adding numerous new features and enhancements over previous versions.